> -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list- > bounces@xxxxxxxxxx] On Behalf Of Bill Tangren > Sent: Tuesday, January 31, 2006 4:44 PM > To: General Red Hat Linux discussion list > Subject: Re: (RHE4) Logrotate Not Restarting Syslog > > Jason Williard wrote: > >>>Does anyone know why this is not working? > >> > >>Maybe, but I had something similar which was caused because the /tmp > >>partition mounted with noexec. > > > > > > > > That appears to have been my issue. I removed noexec from that line in > > /etc/fstab, restarted and now things are working again. > > > > Thanks, > > Jason > > > > You may want to be careful with that solution. Everyone on your system has > access to /tmp. I believe noexec is there for security reasons. You might > want > to consider Sean's solution instead. > > Bill Yes, the presence of 'noexec' may by due to security reasons. For example, someone can create file in /tmp and set its executable bit. Of course, this by itself does not present security problem. However, suppose that another user has current directory (.) in his PATH before standard directories (yes, this is not recommended, but some users still doing it). Then, if the user's current directory is /tmp and the executable file is named as some commonly used program (suc as 'ls'), the program in /tmp will be executed instead of standard 'ls' when the user is in /tmp directory. The program will be executed with id ID of user who wanted to execute 'ls', not the user who created the program - this can have several security consequences. However, I think that the presence of the ability to execute programs in /tmp without other security weaknesses, such as '.' in PATH will not make the system vulnerable to attacks. Alexey Fadyushin Brainbench MVP for Linux. http://eee.brainbench.com -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
